Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Physically tampering with gasoline tanks is dangerous enough, given how volatile gas can be. Altering a fuel gauge can cause a tank to overflow, and a simple spark can set everything ablaze. Imagine how risky it is if a hacker can do all this remotely.
Yahoo was hit with a major malvertising campaign this week, putting millions at risk. We explain in our blog post what you need to know about malvertising and exploit kits.
We discovered a new vulnerability that allows attackers to perform denial of service (DoS) attacks on Android’s mediaserver program. This causes a device’s system to reboot and drain all its battery life and sometimes be trapped in an endless reboot and rendered unusable.
This year, researchers have taken hacking at Black Hat to a new level as the globe and its infrastructure become ever more networked. Talks include how to take a nuclear plant offline, hacking a chemical production facility, taking over a computer-aided rifle and wirelessly controlling cars from afar.
China’s stringent online restrictions are set to become even more extreme, as the country’s Ministry of Public Security has announced that cybersecurity police will be placed into the offices of major internet companies.
The government agency was “honored” at The Pwnies, a comedic awards show held at the Black Hat USA cybersecurity conference, for breaches that exposed the personal information of tens of millions of current and former federal workers, including the fingerprints of more than a million people who applied for government background checks.
As the wealth of information increases so does the dependency on it, which is why hackers are willing to exploit that dependency for their own economic benefit. Crypto-ransomware encrypts a victim’s most important files and holds them hostage until a payment is made to the hacker.
A security researcher used intentional radio signals as a carrier to broadcast data to an attacker even in situations where networks were “air-gapped” from the outside world. The result of the work of his research team is Funtenna, a software exploit that can turn a device with embedded computing power into a radio-based backchannel to broadcast data to an attacker without using Wi-Fi, Bluetooth, or other known (and monitored) wireless communications channels.
Internet firms such as Cisco, Google and Amazon will be subject to a new EU cybersecurity law forcing them to adopt tough security measures and possibly report serious breaches to national authorities, according to a document seen by Reuters.
Please add your thoughts in the comments below or follow me on Twitter; @GavinDonovan.